Page 5 of 169 results (0.004 seconds)

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1

The use of the deprecated API `process.binding()` can bypass the permission model through path traversal. This vulnerability affects all users using the experimental permission model in Node.js 20.x. Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js. El uso de la API obsoleta `process.binding()` puede omitir el modelo de permiso a través del Path Traversal. Esta vulnerabilidad afecta a todos los usuarios que utilizan el modelo de permisos experimental en Node.js 20.x. Tenga en cuenta que en el momento en que se emitió este CVE, el modelo de permiso es una característica experimental de Node.js. • https://hackerone.com/reports/2051257 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1

A vulnerability has been identified in Node.js version 20, affecting users of the experimental permission model when the --allow-fs-read flag is used with a non-* argument. This flaw arises from an inadequate permission model that fails to restrict file stats through the `fs.statfs` API. As a result, malicious actors can retrieve stats from files that they do not have explicit read access to. This vulnerability affects all users using the experimental permission model in Node.js 20. Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js. Se ha identificado una vulnerabilidad en la versión 20 de Node.js, que afecta a los usuarios del modelo de permisos experimental cuando se utiliza el indicador --allow-fs-read con un argumento "non-*". Esta falla surge de un modelo de permisos inadecuado que no logra restringir las estadísticas de archivos a través de la API `fs.statfs`. Como resultado, los actores maliciosos pueden recuperar estadísticas de archivos a los que no tienen acceso de lectura explícito. • https://hackerone.com/reports/2051224 https://security.netapp.com/advisory/ntap-20231103-0004 • CWE-732: Incorrect Permission Assignment for Critical Resource •

CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0

Some MongoDB Drivers may erroneously publish events containing authentication-related data to a command listener configured by an application. The published events may contain security-sensitive data when specific authentication-related commands are executed. Without due care, an application may inadvertently expose this sensitive information, e.g., by writing it to a log file. This issue only arises if an application enables the command listener feature (this is not enabled by default). This issue affects the MongoDB C Driver 1.0.0 prior to 1.17.7, MongoDB PHP Driver 1.0.0 prior to 1.9.2, MongoDB Swift Driver 1.0.0 prior to 1.1.1, MongoDB Node.js Driver 3.6 prior to 3.6.10, MongoDB Node.js Driver 4.0 prior to 4.17.0 and MongoDB Node.js Driver 5.0 prior to 5.8.0. This issue also affects users of the MongoDB C++ Driver dependent on the C driver 1.0.0 prior to 1.17.7 (C++ driver prior to 3.7.0). • https://jira.mongodb.org/browse/CDRIVER-3797 https://jira.mongodb.org/browse/CXX-2028 https://jira.mongodb.org/browse/NODE-3356 https://jira.mongodb.org/browse/PHPC-1869 https://jira.mongodb.org/browse/SWIFT-1229 https://security.netapp.com/advisory/ntap-20231006-0001 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-532: Insertion of Sensitive Information into Log File •

CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 1

A privilege escalation vulnerability exists in the experimental policy mechanism in all active release lines: 16.x, 18.x and, 20.x. The use of the deprecated API `process.binding()` can bypass the policy mechanism by requiring internal modules and eventually take advantage of `process.binding('spawn_sync')` run arbitrary code, outside of the limits defined in a `policy.json` file. Please note that at the time this CVE was issued, the policy is an experimental feature of Node.js. Existe una vulnerabilidad de escalada de privilegios en el mecanismo de directiva experimental en todas las líneas de versión activas: 16.x, 18.x y 20.x. El uso de la API obsoleta 'process.binding()' puede omitir el mecanismo de la política al requerir módulos internos y, finalmente, aprovechar 'process.binding('spawn_sync')' ejecutar código arbitrario, fuera de los límites definidos en un archivo 'policy.json'. • https://hackerone.com/reports/1946470 https://security.netapp.com/advisory/ntap-20231006-0006 https://access.redhat.com/security/cve/CVE-2023-32559 https://bugzilla.redhat.com/show_bug.cgi?id=2230956 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-269: Improper Privilege Management •

CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0

The use of `Module._load()` can bypass the policy mechanism and require modules outside of the policy.json definition for a given module. This vulnerability affects all users using the experimental policy mechanism in all active release lines: 16.x, 18.x and, 20.x. Please note that at the time this CVE was issued, the policy is an experimental feature of Node.js. El uso de 'Module._load()' puede omitir el mecanismo de políticas y requerir módulos fuera de la definición policy.json para un módulo determinado. Esta vulnerabilidad afecta a todos los usuarios que utilizan el mecanismo de directiva experimental en todas las líneas de versión activas: 16.x, 18.x y 20.x. • https://hackerone.com/reports/1960870 https://security.netapp.com/advisory/ntap-20230915-0009 https://access.redhat.com/security/cve/CVE-2023-32002 https://bugzilla.redhat.com/show_bug.cgi?id=2230948 • CWE-288: Authentication Bypass Using an Alternate Path or Channel CWE-1268: Policy Privileges are not Assigned Consistently Between Control and Data Agents •